Re: [dev] Surf assumes all SSL connections are good, which is bad

From: David Thiel <lx_AT_redundancy.redundancy.org>
Date: Wed, 10 Feb 2010 22:46:15 -0800

On 02/09/10 23:54, Alexander Surma wrote:
> Well, the connection is definitely encrypted. Regardless of a man in
> the middle or not ;)
> However - I see your point.
> My suggestion would be, that we allow yet another userscript to handle
> this. I for one do not care for verifying certificates. But for those
> who do, some kind of interface would be nice, woudln't it?

I think that if SSL is going to be supported, it should be supported
fully, within surf itself. One of the things I like about surf is that
it's actually usable without hacky user scripts, unlike, say, uzbl.
Otherwise, there's really no point; you're basically sending everything
in the clear, and SSL hasn't been implemented in any meaningful fashion.
And worse yet, surf *acts* like it's doing SSL when it isn't. Without
verification, surf is only usable for non-sensitive content -- you'd
have to be huffing enormous amounts of glue to even consider logging
into your bank with it.

Everyone hates the CAs, there's no argument there. I even think that
distributing a CA store with the browser itself is a potentially bad
move. But I personally consider the approach of combining "TOFU" and CA
cert verification is a pretty decent heuristic. Using TOFU-only would be
a first for a web browser, and I think that could be kind of neat. But
the least, just check an environment variable for a certificate store,
and if it's there, verify and turn the status bar green. Otherwise, it
stays red.
Received on Thu Feb 11 2010 - 06:46:15 UTC

This archive was generated by hypermail 2.2.0 : Thu Feb 11 2010 - 07:24:02 UTC